Medium severity6.1NVD Advisory· Published Feb 2, 2018· Updated Jun 17, 2026
CVE-2015-2796
CVE-2015-2796
Description
Multiple cross-site scripting (XSS) vulnerabilities in Project-Pier ProjectPier-Core allow remote attackers to inject arbitrary web script or HTML via the search_for parameter to (1) search_by_tag.php, (2) search_contacts.php, or (3) search.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)
Patches
Vulnerability mechanics
References
2- github.com/Project-Pier/ProjectPier-Core/commit/74ecbd4e939a65ba643a4af05fbdb1bb66992435nvdPatchThird Party Advisory
- github.com/Project-Pier/ProjectPier-Core/issues/37nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.